On a cold wintery day in Michigan last December I sat for, and passed, the CISSP (Certified Information Systems Security Professional) exam by (ISC)2 in approximately 1 hour and 45 minutes with a 5-10 minute break. Read below and learn how I passed the CISSP on the first try.
What I did
I started off my three month study session with the CISSP videos from cbtnuggets.com. CBT Nuggets is always a great starting place to introduce yourself to the material. After completing those videos, I moved to the audio book that came with Shon Harris’s All-in-One Exam Guide (6th Edition). This book was provided to me as part of an internal CISSP study program at work (Thanks Tom!). With (ISC)2 changing the CISSP domains from 10 to 8, I knew this book was, at the very least, slightly out of date. My internal class consisted of a group, which met a couple hours a week, and went through each chapter and the questions at the end.
After completing Shon Harris’s audio book I opted to buy CISSP (ISC)2 Official Study Guide 7th edition by Sybex, which included the changes made to the CISSP domains by (ISC)2 in 2015. As I read through the book, chapter by chapter, I also completed the accompanying exam simulator questions for each chapter. If I got the question wrong, I would research the answer and learn everything I could about the topic, so next time not only could I answer the questions, but I had a full understanding of the topic.
After completing these books and questions, I scoured the internet for more information. After reading numerous blog posts and forum topics, I decided to jump in with both feet and purchase the Transcender practice exam for the CISSP. The practice exam ranges in price but it is hands-down worth it. The questions on Transcender were much different than any other exam simulator that I’d seen. Not only that, but the flash cards were a godsend. I went through these flashcards daily for at least 2-3 hours for 30 days straight. After I spent a few days going through the note-cards, I realized they were the most helpful to me in learning and retaining the information–so they became a large part of my study process.
I also heard about Quizlet through a few people at work and decided to give it a try. Quizlet was OK, but I still preferred Transcender’s version. Quizlet was nice for being on-the-go because I could flip through cards on my phone while waiting in line at Meijer or waiting to use a microwave at work. Transcender does not have a mobile version so you’re forced to be at a computer, which is unfortunate.
After everything was said and done I’m sure I went through more than 5,000 practice questions–and to my surprise, I didn’t see a single one of them on the exam. I can’t give complete credit to my study habits though. I remember reading one of the questions on the exam and thinking, “Wow, I didn’t see this referenced anywhere in the CISSP material, good thing I worked for the bank,” which I find myself saying frequently.
When I say bank I’m talking about Isabella Bank (shout out to my Isabella Bank family :D). Throughout my time at Isabella Bank I was involved with numerous security-related audits, as well as remediations, which eventually led us to roll out a social engineering tool, a pen-testing tool, a vulnerability scanner, and thus to start a vulnerability management program. I would not be where I am today if it wasn’t for the bank and my experiences there. I think my experiences at the bank definitely helped me pass the CISSP and without it I think I still would have passed but it would have been close.
In the end, do what works for you. What worked for me was reading, watching videos, doing exam simulators, listening to an audio book, thousands of note-cards, and a few months of free time dedicated to studying the material. My experiences throughout my career definitely helped me pass the exam and that experience isn’t something that can be learned in three months’ time. It took a lot of time and effort to pass this exam but I’m glad I spent the time and effort to learn the material and pass the exam on the first try.
Already passed the exam? What worked for you? Comment below.